Search Results (363643 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-6937 1 Wolfssl 1 Wolfssl 2025-04-24 5.3 Medium
wolfSSL prior to 5.6.6 did not check that messages in one (D)TLS record do not span key boundaries. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the server containing first a ServerHello message and then the rest of the first server flight would be accepted by a wolfSSL client. In (D)TLS 1.3 the handshake is encrypted after the ServerHello but a wolfSSL client would accept an unencrypted flight from the server. This does not compromise key negotiation and authentication so it is assigned a low severity rating.
CVE-2024-54931 1 Lopalopa 1 E-learning Management System 2025-04-24 9.8 Critical
A SQL Injection was found in /admin/delete_event.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter.
CVE-2024-21984 1 Netapp 1 Storagegrid 2025-04-24 5.9 Medium
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a difficult to exploit Reflected Cross-Site Scripting (XSS) vulnerability. Successful exploit requires the attacker to know specific information about the target instance and trick a privileged user into clicking a specially crafted link. This could allow the attacker to view or modify configuration settings or add or modify user accounts.
CVE-2023-52370 1 Huawei 2 Emui, Harmonyos 2025-04-24 9.8 Critical
Stack overflow vulnerability in the network acceleration module.Successful exploitation of this vulnerability may cause unauthorized file access.
CVE-2024-25982 2 Fedoraproject, Moodle 2 Fedora, Moodle 2025-04-24 4.3 Medium
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk.
CVE-2024-52675 2 Oretnom23, Sourcecodester 2 Sentiment Based Movie Rating System, Sentiment Based Movie Rating System 2025-04-24 9.8 Critical
SourceCodester Sentiment Based Movie Rating System 1.0 is vulnerable to SQL Injection in /msrps/movies.php.
CVE-2024-32847 1 Ivanti 1 Endpoint Manager 2025-04-24 7.2 High
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
CVE-2024-1638 2 Zephyrproject, Zephyrproject-rtos 2 Zephyr, Zephyr 2025-04-24 8.2 High
The documentation specifies that the BT_GATT_PERM_READ_LESC and BT_GATT_PERM_WRITE_LESC defines for a Bluetooth characteristic: Attribute read/write permission with LE Secure Connection encryption. If set, requires that LE Secure Connections is used for read/write access, however this is only true when it is combined with other permissions, namely BT_GATT_PERM_READ_ENCRYPT/BT_GATT_PERM_READ_AUTHEN (for read) or BT_GATT_PERM_WRITE_ENCRYPT/BT_GATT_PERM_WRITE_AUTHEN (for write), if these additional permissions are not set (even in secure connections only mode) then the stack does not perform any permission checks on these characteristics and they can be freely written/read.
CVE-2024-20101 2 Google, Mediatek 17 Android, Mt3605, Mt6985 and 14 more 2025-04-24 9.8 Critical
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998901; Issue ID: MSV-1602.
CVE-2024-20103 2 Google, Mediatek 14 Android, Mt3605, Mt6985 and 11 more 2025-04-24 9.8 Critical
In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001358; Issue ID: MSV-1599.
CVE-2024-20104 5 Google, Linuxfoundation, Mediatek and 2 more 25 Android, Yocto, Mt6781 and 22 more 2025-04-24 8.4 High
In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09073261; Issue ID: MSV-1772.
CVE-2024-25605 1 Liferay 4 Digital Experience Platform, Dxp, Liferay Portal and 1 more 2025-04-24 5.3 Medium
The Journal module in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before service pack 3, 7.2 before fix pack 17, and older unsupported versions grants guest users view permission to web content templates by default, which allows remote attackers to view any template via the UI or API.
CVE-2024-20106 2 Google, Mediatek 14 Android, Mt6739, Mt6761 and 11 more 2025-04-24 6.7 Medium
In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08960505; Issue ID: MSV-1590.
CVE-2023-48220 2 Decidim, Scambra 2 Decidim, Devise Invitable 2025-04-24 5.7 Medium
Decidim is a participatory democracy framework. Starting in version 0.4.rc3 and prior to version 2.0.9 of the `devise_invitable` gem, the invites feature allows users to accept the invitation for an unlimited amount of time through the password reset functionality. This issue creates vulnerable dependencies starting in version 0.0.1.alpha3 and prior to versions 0.26.9, 0.27.5, and 0.28.0 of the `decidim,` `decidim-admin`, and `decidim-system` gems. When using the password reset functionality, the `devise_invitable` gem always accepts the pending invitation if the user has been invited. The only check done is if the user has been invited but the code does not ensure that the pending invitation is still valid as defined by the `invite_for` expiry period. Decidim sets this configuration to `2.weeks` so this configuration should be respected. The bug is in the `devise_invitable` gem and should be fixed there and the dependency should be upgraded in Decidim once the fix becomes available. `devise_invitable` to version `2.0.9` and above fix this issue. Versions 0.26.9, 0.27.5, and 0.28.0 of the `decidim,` `decidim-admin`, and `decidim-system` gems contain this fix. As a workaround, invitations can be cancelled directly from the database.
CVE-2024-20107 5 Google, Linuxfoundation, Mediatek and 2 more 24 Android, Yocto, Mt6781 and 21 more 2025-04-24 6.2 Medium
In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09124360; Issue ID: MSV-1823.
CVE-2023-44753 1 Mayurik 1 Online Student Management System 2025-04-24 6.1 Medium
A stored cross-site scripting (XSS) vulnerability fin Student Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter on the profile.php page.
CVE-2023-44752 1 Oretnom23 1 Student Study Center Desk Management System 2025-04-24 9.8 Critical
An issue in Student Study Center Desk Management System v1.0 allows attackers to bypass authentication via a crafted GET request to /php-sscdms/admin/login.php.
CVE-2023-0011 1 U-blox 10 Toby-l200, Toby-l200 Firmware, Toby-l201 and 7 more 2025-04-24 7.6 High
A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This vulnerability requires physical access to the serial interface of the module or the ability to modify the system or software which uses its serial interface to send malicious AT commands. Exploitation of the vulnerability gives full administrative (root) privileges to the attacker to execute any operating system command on TOBY-L2 which can lead to modification of the behavior of the module itself as well as the components connected with it (depending on its rights on other connected systems). It can further provide the ability to read system level files and hamper the availability of the module as well.. This issue affects TOBY-L2 series: TOBY-L200, TOBY-L201, TOBY-L210, TOBY-L220, TOBY-L280.
CVE-2023-44040 1 Veridiumid 1 Veridiumad 2025-04-24 6.1 Medium
In VeridiumID before 3.5.0, the identity provider page is susceptible to a cross-site scripting (XSS) vulnerability that can be exploited by an internal unauthenticated attacker for JavaScript execution in the context of the user trying to authenticate.
CVE-2023-7022 1 Tongda2000 1 Office Anywhere 2025-04-24 6.3 Medium
A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file general/work_plan/manage/delete_all.php. The manipulation of the argument DELETE_STR leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248569 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.